package com.xuecheng.auth.config;

import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

    /**
     * @author Wyd
     * @version 1.0
     * @description 安全管理配置
     * @date 2022/9/26 20:53
     */
    @EnableWebSecurity
    @EnableGlobalMethodSecurity(securedEnabled = true,prePostEnabled = true)
    @Configuration
    @Slf4j(topic = "WebSecurityConfig")
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {


        @Autowired
        private DaoAuthenticationProviderCustom daoAuthenticationProviderCustom;

        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {

            auth.authenticationProvider(daoAuthenticationProviderCustom);
        }


        @Bean
        public PasswordEncoder passwordEncoder() {
            //密码为明文方式
            //  return NoOpPasswordEncoder.getInstance();

            //密码是密文
            return new BCryptPasswordEncoder();
        }

        //配置安全拦截机制
        @Override
        protected void configure(HttpSecurity http) throws Exception {
                http
                    .authorizeRequests()
                    .antMatchers("/r/**").authenticated()//访问/r开始的请求需要认证通过
                    .anyRequest().permitAll()//其它请求全部放行
                    .and()
                    .formLogin().successForwardUrl("/login-success");//登录成功跳转到/login-success
        }

        /**
         * 认证管理器
         * @return
         * @throws Exception
         */
        @Bean
        public AuthenticationManager authenticationManagerBean() throws Exception {

            return super.authenticationManagerBean();
        }


}
